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DETAILED ACTION 

1. Claims 1-15, 17-31, and 33-47 are pending and have been examined. Claims 16, 
32, and 48 have been cancelled as per amendment filed on November 14, 2005. 

Response to Amendment 

2. The objection to the drawings is withdrawn. 

3. The objection to claim 16 is withdrawn. 

4. Wood et al. (US Patent 6,668,322, hereinafter Wood) teach a single sign-on 
system using session credentials to maintain continuity (Abstract). Wood also teaches 
mapping credentials to resources (fig 1-2). Furthermore, Wood teaches using the 
gathered information to provide secure access to resources using mapped credentials 
(columns 11-16). 

Claim Rejections - 35 USC § 102 

5. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(a) the Invention was known or used by others In this country, or patented or described in a printed 
publication In this or a foreign country, before the invention thereof by the applicant for a patent. 

6. Claims 1 -8, 1 2-1 5, 1 7-24, 28-31 , 33-40, and 44-47 are rejected under 35 
U.S.C. 102(a) as being anticipated by Cohen etal. (US Patent 6,178,511, 
hereinafter "Cohen"). 

Regarding claims 1,17, and 33, Cohen teaches storing at the enterprise server 
multiple security credentials for a remote user to access respective secure resources 
residing on a network employing a generic application layer network protocol (column 4, 
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lines 1-67, column 5, lines 1-67); maintaining a map between one or more resource 
sen/ers and a type of security credential required to access each resource server 
(column 8, lines 1-67. column 9. lines 1-67); receiving at the enterprise server a signal 
representing a request from the remote user for a first of the secure resources (column 
6, lines 1-67. column 7, lines 1-67); determining, by referring to the map and without the 
intervention of the user, the type of security credential for the remote user that is 
required to access the first secure resource (column 6. lines 1-67, column 7, lines 1-67); 
and sending from the server a signal representing a second request to retrieve the first 
secure resource, the second request including a first of the security credentials for the 
user of the type required to access the first secure resource (column 6, lines 1-67, 
column 7, lines 1-67). 

Regarding claims 2, 18, and 34. Cohen teaches authenticating the user before 
sending the signal representing the second request (column 6, lines 1-67. column 7, 
lines 1-67). 

Regarding claims 3, 19, and 35. Cohen teaches receiving at the server a signal 
representing a response to the second request (column 4, lines 1-67, column 5, lines 1- 
67); and sending from the server a signal representing a result to the remote user, the 
result based on the response to the second request (column 4, lines 1-67, column 5, 

lines 1-67). 

Regarding claims 4, 20, and 36, Cohen teaches wherein the request includes a 
logon credential for the remote user, the method further comprising: authenticating the 
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remote user based on the logon credential before sending the second request (column 
4, lines 1-67, column 5, lines 1-67). 

Regarding claims 5, 21, and 37, Cohen teaches wherein the request includes a 
logon credential for the remote user and the type of security credential required to 
access the first secure resource includes the logon credential, the method further 
comprising: sending the signal representing the second request to retrieve the first 
secure resource, the second request including the logon credential (column 4, lines 1- 
67, column 5, lines 1-67, column 10, lines 1-67). 

Regarding claims 6, 22, and 38, Cohen teaches wherein the request includes a 
logon credential for the remote user, the method further comprising: receiving at the 
server a signal representing a single-sign-on (SSO) credential generated by a SSO 
provider based on the logon credential; and sending from the server a signal 
representing the SSO credential to retrieve the first secure resource when the type of 
credential required to access the first secure resource includes the SSO credential 
(column 4, lines 1-67, column 5, lines 1-67, column 10, lines 1-67). 

Regarding claims 7, 23, and 39, Cohen teaches sending from the server a 
signal representing the SSO credential to retrieve the first secure resource when the 
type of credential required to access the first secure resource includes a second SSO 
token corresponding to a second SSO provider having a trust relationship with a first 
SSO provider corresponding to the SSO token (fig 10, column 8, lines 1-67, column 9, 
lines 1-67, column 15, lines 1-60). 
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Regarding claims 8, 24, and 40, Cohen teaches receiving at the server a signal 
representing a second SSO credential generated by a second SSO provider based on 
the first SSO credential; and sending from the server a signal representing the second 
SSO credential to retrieve the first secure resource when the type of credential required 
to access the first secure resource includes the second SSO credential (fig 10, column 
8, lines 1-67, column 9, lines 1-67, column 15, lines 1-60). 

Regarding claims 12, 28, and 44, Cohen teaches determining, without the 
intervention of the user, the type of security credential for the remote user that is 
required to access the second secure resource; and sending from the server a signal 
representing a fourth request for retrieving the second secure resource, the fourth 
request including a second of the security credentials for the user of the type required to 
access the second secure resource; and wherein the signals representing the second 
and fourth requests are sent concurrently (column 5, lines 1-67, column 6, lines 1-67). 

Regarding claims 13, 29, and 45, Cohen teaches wherein the types of security 
credentials included in the second and fourth requests differ (column 5, lines 1-67, 
column 6, lines 1-67). 

Regarding claims 14, 30, and 46, Cohen teaches wherein the types of security 
credentials included in the second and fourth requests are the same (column 5, lines 1- 
67, column 6, lines 1-67). 

Regarding claims 15, 31, and 47, Cohen teaches receiving at the server a 
signal representing the first security credential from the user before receiving the signal 
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representing the first request (column 4. lines 1-67, column 5, lines 1-67, column 6. 
lines 1-67). 

Claim Rejections - 35 USC § 103 

7. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

8. Claims 9-11, 25-27, and 41-43 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Cohen, and further in view of Rodriguez et al. (NPL "An 
Introduction to IBM WebSphere Everyplace Suite version 1.1", hereinafter 
"Rodriguez). 

Regarding claims 9, 25, and 41, Cohen teaches a single sign-on system using 
a client/server architecture (columns 5-15). Cohen does not expressly disclose wherein 
the generic application-layer network protocol is hypertext transfer protocol. However, 
Rodriguez teaches wherein the generic application-layer network protocol is hypertext 
transfer protocol (chapter 6). Therefore, it would have been obvious to one having 
ordinary skill in the art at the time the invention was made to use the hypertext transfer 
protocol with the system of Cohen. One of ordinary skill in the art would have been 
motivated to perform such a modification to provide a browser based single sign-on 
system to access web and enterprise applications from pervasive computing devices 
(Preface. Part 1, chapter 1). 
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Regarding claims 10, 26, and 42, the combination of Cohen and Rodriguez 
teaches the limitations as set forth under claims 9, 25, and 41 respectively above. 
Furthermore, Rodriguez teaches receiving at the server a signal representing data in 
response to the second request; and sending from the server a signal representing at 
least a portion of the data to the remote user (chapter 6). 

Regarding claims 11, 27, and 43, the combination of Cohen and Rodriguez 
teaches the limitations as set forth under claims 10, 26, and 42 respectively above. 
Furthermore, Rodriguez teaches wherein the first secure resource includes a Web site, 
and the data is hypertext mark-up language (chapter 6). 
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Conclusion 



9. The prior art made of record and not relied upon is considered pertinent to 
applicant's disclosure. IBM's "Secured Single Signon in a Client/Server Environment" 
discloses a single sign-on system, storing user credentials, and providing secure access 
to resources. 

10. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to David G. Cervetti whose telephone number is (571) 272- 
5861. The examiner can normally be reached on Monday-Friday 7:00 am - 5:00 pm, off 
on Wednesday. 

11. If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz R. Sheikh can be reached on (571) 272-3795. The fax phone number 
for the organization where this application or proceeding is assigned is 571-273-8300. 

12. Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 
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